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1. INTRODUCTION 

People nowadays are keen to get them up-to-date, with the accessibility of making maximum use of 
the internet. They want the information right on the palm. This goes the same for their house, as they can 
remotely monitor and control home appliances using a web-based graphical user interface (GUI) [1] or 
smartphones [2]. Whether in the office or at the sandy beaches, they can easily access their home regardless 
of time and place. Users can check the temperature [3], humidity [4], rainy seasons [5], gas leakage [6], and 
even watering their plants [7]. All they need is a smart gateway connected to the internet and communication 
within the sensors and actuators [8]-[12]. Users can monitor the sensors and control the actuators from the 
web-based GUI. For example, the air-conditioner operates within 30-minutes resident reaches home, the 
microwave heats the food, and the water sprinkler activates when it is time to water the plants or sense the 
soil is drying up [13], [14]. Eventually, this is the so-called self-healing IoT gateway [15]-[18]. Saito et al. 
[19] defined a home gateway as the ingress point between a personal area network and a public access 
network. This gateway can allow users to monitor, control, and analyze on a day-to-day basis. The device is 
connected to the sensors or actuators, connected directly via serial communication or zigbee [20] or long- 
range radio (LoRa) wirelessly [21]. Data collected from the sensors is then passed to the gateway before 
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being sent to cloud storage [22]-[24]. When the data is gathered, the gateway can analyze the provided data, 
such as gas leakage or surrounding temperature is too high, and take appropriate action, such as alarming 
users about the gas leakage via short message service (SMS) or email and activating the air ventilation [25]. 
This self-healing ability can save human life and help users safeguard the house. 

A secured connection is compulsory to avoid breaches from the impropriate gestures to the home 
network [26]. As many people live around us, predators try to sniff important data in the network [27]. Thus, 
having a virtual private network (VPN) connection is compulsory for IoT gateway to operate [28]. VPN 
enables the secure extension of a private network over an untrusted public network [29]. The internet 
engineering task force (IETF) has defined several protocols for establishing a VPN [30]. Secure sockets layer 
(SSL) and transport layer security (TLS) are two of them [31]. TLS is a protocol that combines the SSL 
certificates of its predecessor into a single standard. SSL/TLS has been extensively developed to address 
security and trust concerns while remaining transparent to the user. As a result, users create wireless VPNs 
using this protocol. The SSL/TLS protocols define the mechanisms to ensure secure data transmission over 
the internet [32]. The IETF controls the standards. The protocols are cryptographic protocols that ensure the 
security of computer network communications. Numerous protocols in various flavours are widely used in 
web browsing, email, instant messaging, and voice over internet protocol (VoIP) applications. For example, 
TLS, usually coupled with hypertext transfer protocol (HTTP), secures the web and uses the hypertext 
transfer protocol secure (HTTPS) uniform resource identifier (URI) scheme [33], [34]. TLS is the internet's 
cryptographic protocol. It comprises protocols for negotiating cryptographic parameters, encrypting and 
decrypting data, and reporting errors encountered during the process. As a result, a security analysis of any 
cryptographic protocol is required to identify any vulnerabilities and to assess the protocol's security 
properties [35]. 

Although the pandemic hit us in early 2020, the technology did not stop us from venturing into more 
and more newly developed methods and approaches. Everyone stayed back at home, but at the same time, we 
needed to gather valuable information from our site. Our site might be on an urban or rural site, and it might 
be that our site got no copper or fiber connection but eventually had a mobile data connection (4G or 5G) on 
our site. The latest 5G network for IoT devices [36] provides a large broadcast capacity that supports up to 
65,000 connections at a time. based on the telecom regulatory authority of india (TRAI), 93% of broadband 
penetration is in the urban area, while 29.3% is broadband penetration in India's rural areas [37]. Ahmed et 
al. discuss implementing IoT devices in rural areas with a Wi-Fi based Long Distance and 6LoWPAN 
enabled WSN network [38]. Kautsarina and Kusumawati [39] discuss the supportive technologies for IoT 
devices in rural areas. Carrillo and Seki [40] compare the long-term evolution (LTE) and the LoORAWAN 
application in rural areas involving UAVs to quantify the gain ratio coverage compared to the terrestrial 
scenario. Mohammed Sadeeq et al. [41] discuss security, storage and computational performance, and other 
challenges regarding cloud-IoT. Pourqasem [42] proposed the Cloud-based IoT integration, and the 
infrastructure was based on storing, processing and communication features. Providing the cloud-based IoT 
influences data format and connecting devices, thus providing the web service-based communication 
between IoT devices and the cloud [43]. 

In this paper best method connecting IoT devices with the cloud is proposed without having a 
copper/fiber connection and solely depending on the 4G/5G connection. To the best of our knowledge, this is 
the first work that focuses on integrating a secure protocol at the embedded interface, which is unique. 
Raspberry Pi is used as an example of an IoT gateway in our pilot deployment of the model for IoT gateway 
to demonstrate how this could be accomplished. As a result of a large number of low-cost and resource- 
constrained lightweight Internet of Things devices that are being connected over the internet, security 
measures have historically not been compatible with the processing power of these embedded controllers. 
because raspberry Pi can be integrated with Wi-Fi, serial peripheral interface (SPI), narrow-band imaging 
(NBI), Zigbee, LoRA, and a variety of other protocol connectivity, it is an excellent choice for our IoT 
gateway model. Raspbian, which is a Debian-based operating system, is also available for the Raspberry Pi. 
It can be configured to run a LAMP (Linux Apache, MySQL, and PHP), allowing the Raspberry Pi to 
function as a web server. A method such as Dataplicity and PiTunnel was analyzed to compare with the 
conventional setting. By using this method, users can connect to their device via internet connections from a 
remote location, where it makes the device's private address accessible from the internet via "IP tunnelling" 
technology, making the device reachable from anywhere in the world. 


2. METHOD 

The Raspberry Pi 3 model B is the hardware used in this study. The Raspberry Pi 3 model B is the 
most recent model available. The Raspberry Pi runs Linux and Windows operating systems (OS), allowing 
this credit-card-sized computer to act as an IoT gateway [44]. It also supports wired communication protocols 
like SPI and inter-integrated circuit (I2C), as well as wireless protocols like Zigbee and LoRa. In addition, 
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this minicomputer, powered by a 1.4 GHz Broadcom chip, can function as a standard computer with a 

camera port, 40 pin GPIO, and Wi-Fi connections. 

IoT gateway should provide and support internal and external data exchange in a smart home 
scenario [45]. Moreover, it is reliable to communicate with wired and wireless sensor nodes. Therefore, the 
IoT gateway need these requirements to work [46]: 

- Data forwarding: the IoT gateway's primary function is to send data from sensor nodes or the internet to 
receiving applications or software bound to its addresses. 

- Protocol conversion: the IoT gateway should convert communication protocols between the 
802.15.4/Zigbee/LoRa wireless protocol and TCP/IP protocols. The IoT gateway should collect packets 
from sensor nodes using short-distance wireless communication protocols (such as Zigbee) and long- 
distance wireless communication protocols (such as LoRa), then send them to telecommunication 
networks or the internet using 3G, Wi-Fi, and other network interfaces. As a result, the IoT gateway 
should analyze and repackage it before capsulating and sending it using telecommunication protocols 
after receiving sensor data. 

- Management and control: the IoT gateway should manage and control the sensor nodes in addition to 
receiving and uploading data. When the gateway receives commands from a remote server, it should 
process them and then send them to the sensor nodes via IoT gateway to manage and control the sensor 
network. 

Dataplicity [47] and PiTunnel [48] are two VPN providers for IoT gateway that were investigated. 
Remote access to the IoT gateway is available from both providers. The IoT gateway will be installed with 
installers from both providers. Dataplicity is nothing more than a VPN for your Raspberry Pi, as shown in 
Figure 1. This feature not only allows users to access their Raspberry Pi from anywhere, but it also enables 
them to "wormhole" a web server through the system, allowing them to run their own little website from the 
convenience of their all-in-one computer. 
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Figure 1. Dataplicity system flowchart [47] 


However, PiTunnel differs from dataplicity in that it makes some of its own modifications. Users 
can connect to their little computer via a terminal or the web by simply running a few commands on the local 
Pi. A one-of-a-kind feature is the ability to launch a command prompt from within the browser. Other 
services are heavily reliant on remote terminals for their operations. Although PiTunnel includes that feature, 
it is primarily concerned with tunnelling, which means that users can access any network service that is 
running on their raspberry Pi from anywhere in the world, whether it is using the HTTP protocol or some 
other custom protocol, without having to worry about setting up complicated network routing or static IP 
addresses as shown in Figure 2. 
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Figure 2. PiTunnel system flowchart [48] 


3. RESULTS AND DISCUSSION 

To choose the best VPN connections to be implemented into the IoT gateway, a few sets of tests 
were applied to the VPN to choose the best one. These tests focus on the applications between the VPN 
provider and IoT gateway. The main goal is to see the VPN provider control, access and modify the IoT 
gateway either thru web-based or GUI. 

For these, three different tests were made to see the following values: i) remote access from VPN 
website, ii) proper uniform resource locator (URL) designation, and iii) diagnostics tools for the IoT gateway. 
For the test to be done, both VPN provider installers need to install into IoT gateway. The installer command 
looks the same between the providers. They use the curl command to fetch and install the software into the 
IoT gateway. It takes time for the installer to be downloaded and installed into the IoT gateway. 


3.1. Remote access 

We need to know if dataplicity and PiTunnel allow users to remote access the IoT gateway for the 
first test. Remote access is the ability to access a computer from a remote location. The ability of remote 
access is provided either thru LAN, wide area network (WAN) or VPN. In addition, both providers allow 
users to remote the IoT gateway from the internet through their website. As we can see here in Figure 3, 
Dataplicity allows users to remotely access the user's device thru the Dataplicity agent that was previously 
installed. Dataplicity Wormhole allows connections from the internet, going to the IoT gateway terminal. The 
connections are then passed to the Dataplicity IoT router, and the user can see the terminal. For a website 
hosted in the IoT gateway, Dataplicity Wormhole open port 80 for access. The URL will change to 
devide_id.dataplicity.io. The URL is accessible as long as there is an internet connection from the IoT 
gateway. IoT gateway must have Apache running so that the website hosted inside can be seen from the 
internet. 
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Figure 3. Dataplicity VPN connection model [49] 
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Both Dataplicity and PiTunnel provide SSL/TLS connections to the IoT Gateway. These 
encryptions protocols offer security on the data transactions from the internet to the IoT Gateway. The test 
confirms that the providers can give full access to the user to remote to the IoT, as referred to in Figure 4 and 
Figure 5. 
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Figure 5. PiTunnel remote access 


3.2. Proper URL designation 

The user needs to install the webserver into the IoT gateway for the second test. The user can install 
either Nginx or Apache on the IoT gateway. Dataplicity provides two types of URLs to the user, where 
Dataplicity called the application a Wormhole. They use HTTPS embed in the domain to deliver security. 
One is a free domain, where the user uses a free given domain provided by Dataplicity, while the other one is 
paid domain, where the user needs to pay the domain monthly recurrence, and the user is free to choose its 
domain. Dataplicity offers a subdomain, which is the URL is: <subdomain>.dataplicity.io. 

For IoT gateway, we installed Joomla into the webserver. Joomla is a content management system 
(CMS) that is very popular for designing a website. It has a user-friendly front end and back end design. It 
uses the what you see is what you get (WYSIWYG) concept. According to Zhu et al. [50], the visible part of 
a web page includes tools like the Web Browser, the displayed contents, and the layout, while the invisible 
part includes the code written on the web page, such as extensible hypertext markup language (XHTML), 
cascading style sheets (CSS), and so on. The Joomla website template is crisp and manageable, allowing the 
user to amend at the back end. The structure and layout are user-controllable and require no website coding 
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savvy; thus, it is constructive. As we can see here in Figure 6, the layout is very structured and in place. 
However, the title and the menus are incorrect positions. The article also is in its location. This is what the 
user needs for the IoT gateway. 

Referring to Figure 7, PiTunnel, on the other hand, provides a free subdomain, and the user cannot 
choose its domain. PiTunnel also provides an HTTPS connection to the IoT gateway port. When the user 
accesses the Joomla template's website, the structure is miserable and improper. The menu is moving far 
below, and the article is shifted. 
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Figure 6. Dataplicity joomla layout 
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Figure 7. PiTunnel joomla layout 


3.3. Diagnostic tools 

For the third test, diagnostics tools for the IoT gateway. The diagnostics tools are vital as part of the 
IoT gateway, and the user needs to know the basic and in-depth condition of IoT gateway hardware. 
Dataplicity provides diagnostics tools, allowing the user to monitor system configuration from the user's 
mobile phone. Dataplicity segmented the tools into three parts: networking, system and advanced. 

The networking button tells the user which interfaces are connected to the internet, as seen in Figure 
8. It also stated the network traffic data, giving a real-time chart of the network traffic transmitted to or from 
the IoT gateway. This gives the user the first impression if there are suspicious attacks from outside. The high 
incoming traffic pattern from the internet will show the user that a flood ping or distributed denial of service 
(DDoS) attack is possible. After information theft, DDoS attacks are the second most common cybercrime. 
Flood attacks using the DDoS transmission control protocol (TCP) can quickly deplete the cloud's resources, 
consume most of its bandwidth, and damage an entire cloud project [51]. The user can recognize and take 
appropriate actions, such as appending the IP address or moving the IP address to a blocklist. The system 
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button tells the user the central processing unit (CPU), random-access memory (RAM), and disk usage 
conditions. The advanced button provides the ifconfig status, domain name system (DNS) resolver, mount 
point, and cpuinfo. Meanwhile, in Figure 9 PiTunnel only provided IoT gateway OS version, memory usage, 
CPU usage and temperature, graphics processing unit (GPU) temperature and active tunnel. 
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Figure 8. Dataplicity network traffic data 
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Figure 9. PiTunnel IoT gateway status 


Table 1. Comparison between conventional setting, Dataplicity and PiTunnel 


Description Conventional setting Dataplicity PiTunnel 
Network knowledge Intermediate/advanced Beginner Beginner 
; Both on router and IoT device, No changes to be 
Portiseiting vulnerable to DDoS attack Noichanges to bedone done 


IoT gateway behaviour 


Cannot detect 


Can be monitor 


Can be monitor 


Security WPA2 encryption Client-initiated HTTPS HTTPS Security 


4. CONCLUSION 

IoT gateway provides users with a web-based GUI for monitoring and controlling purposes, and 
users can do remote access to the IoT gateway in case of system support. The need for a virtual private 
network in the IoT gateway networking delivers security and private management. The non-authentic user 
will be prohibited from accessing the IoT gateway and reducing the possibility of hacking into the IoT 
gateway. In this paper, the authors analyzed VPN providers into IoT gateway for smart homes to choose the 
best for a set of scenarios using remote access, proper website URL and diagnostics tool. Concluding the 
VPN connectivity, Dataplicity provides such a reasonable provision for the user. Moreover, Dataplicity is a 
more reliable choice as they provide tremendous support for the backend and frontend environments. This 
connection can be expanded into smart agriculture, smart farming, smart factory, smart water sensor and 
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eHealth. Future research will also include a look at large-scale IoT infrastructure, penetration testing, and a 
live demonstration of a malicious attack. 
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